Britain is introducing stricter cyber legislation to protect businesses and the public.
Summary
- Bill expands cyber regulations to more technology and services sectors
- Companies that do not comply with the rules risk fines based on annual turnover
- The law focuses on AI abuse and brings UK standards in line with EU standards
The UK government has formally introduced the Cyber Security and Resilience Bill to Parliament, according to an announcement from the Department of Science, Innovation and Technology.
The legislation would extend existing network and information systems regulations to a broader range of technology and managed service providers, the government said. The bill looking for to strengthen network and data security, improve reporting and response mechanisms for cyber incidents, and reduce risks to critical infrastructure and corporate networks.
The British government focuses on IT protection
IT management, technical support and cybersecurity service providers would face the same legal obligations as companies currently subject to NIS rules under the proposed legislation. Under the provisions of the bill, companies that do not comply with the rules could face fines calculated based on annual turnover.
The legislation would give the technology secretary the authority to direct regulators and organizations to implement preventative measures against cyber threats deemed to pose national security risks.
Independent research commissioned by the Department for Science, Innovation and Technology estimated the average cost of a serious cyber attack in Britain at £190,000 per incident, totaling around £14.7 billion per year, according to the department.
Government officials said the legislation would align British law with European Union standards and strengthen protections against state-sponsored cyber attacks, including threats attributed to China, Iran and North Korea.
The bill contains provisions aimed at preventing the misuse of artificial intelligence, particularly aimed at the creation of child sexual abuse material. The legislation would authorize trusted organizations, including AI developers and charities, to test AI models for vulnerabilities before generating malicious content.
Minister for Science, Innovation and Technology Liz Kendall said the legislation strengthens the UK’s approach to cyber threats and aims to protect public services, businesses and citizens.
